Global Pharmaceutical Manufacturing Company Implemented SOC (Security Operations Center)
AtmosSecure SOC Solution from Network Techlab helps a global pharmaceutical manufacturing company improve its security posture, get complete visibility using AI and ML technology, and build a compliance-ready security environment.
Organization: Global Pharmaceutical Manufacturing Company
Location: Mumbai
Domain: Pharma – Manufacturing
Solutions Offered: AtmosSecure SIEM and SOC Solution
Overview:
The customer is a global, innovative medical solutions company, established in 1962, and the largest manufacturer of medical implants. Its team of passionate engineers and technicians works together to meet customer objectives across the globe with cutting-edge technology, world-class infrastructure and an absolute focus on quality.
They were looking to enhance the overall security posture of the organization and needed complete visibility of their infrastructure. Manually correlating logs from multiple sources with suspicious activity in the network was difficult and demanding. IT personnel needed all the logs in a single solution, with AI and ML technology to respond to a sophisticated attack. There were no internal teams to monitor this activity from a different console.
Challenge:
The company found that its cyber defenses had to be improved to cope with the sophisticated attacks arising daily. Because the company is in the healthcare manufacturing segment, its sensitive data is critical. To implement the advanced SIEM solution, we needed to make sure that all logs from the critical devices were forwarded to the SOC server and that the traffic carrying those logs was allowed through to it. The company had an endpoint solution that could not forward logs to syslog directly, and a cloud-based Zscaler solution that also could not forward logs directly.
Solution:
Because this solution is very simple to deploy, no major challenges were faced during installation. But as always in IT, some expected or unexpected challenges come up. The major challenge we faced was ingesting logs from the endpoint solution and from Zscaler, neither of which can forward logs directly.
To ingest logs from the endpoint solution, we created a custom connector that pulls logs directly from the endpoint database, which resolved our major issue. To ingest Zscaler logs, we had to install NSS, the Zscaler log connector, through which we forwarded the logs to our platform.
Benefits:
- Automation at its Best: No rules or human intervention needed. Out-of-box solution starts working within seconds of installation.
- Adaptive Visualization, Unparalleled Visibility: Advanced behavioral and machine learning technologies give complete visibility of both internal and external threats, with both a bird's-eye and a worm's-eye view.
- Multi-Layer Effective Detection:
  - Detection of known as well as never-before-seen threats at the earliest phase of the chain.
  - Shows the threats that matter, which need immediate action.
  - Indicates all compromised sources and threat targets.
- Threat Impact Analysis:
  - Comprehensive interactive visual interface to drill down into threats, affected sources and targets.
  - Provides clear actionable steps to stop the threat.
  - Indicates the service impact of the recommended remediation.
  - De-risks remediation: tracks and reports all actions for later audit.
- Reduces Mean-Time-to-Identify (MTTI) and Mean-Time-to-Respond (MTTR) with automated real-time detection and remediation, using past context and focusing on known and unknown “threats-that-matter”.
- Uses behavioral analytics generated by an extensive set of dynamic threat models, aided by Machine Learning and Artificial Intelligence, to detect both known and unknown attacks.
Network Techlab (I) Pvt. Ltd.
41, Sarvodaya Industrial Estate, Opp. Paper Box, Off. Mahakali Caves Road, Andheri East, Mumbai – 400093. India
P: 022-6681 4141 | info@netlabindia.com | www.netlabindia.com
Mumbai | Navi Mumbai | Ahmedabad | Vadodara | Vapi | Pune | Bangalore | Chennai | Goa | Delhi | Kolkata